As more and more businesses connect to the Internet, employee misuse of company computers and networks is increasing and, perhaps, reaching epidemic proportions. As a result, employee productivity is often significantly reduced. Moreover, the threat of lawsuits against the company is increased due to increased potential for inappropriate or illegal use of the network.
Unfortunately, there are very few products available for use by managers to monitor network use by employees, whether the network is a local area network or a wide area network such as the Internet, and report on violations of corporate policy. Instead, rather than allow monitoring of network use, most products attempt to block access to web sites that are deemed non-business-related sites. However, such products are largely ineffective, regularly allowing access to non-business-related sites, as well as erroneously blocking access to legitimate business-related sites. Most of these products compile databases of web uniform resource locators (URLs) that are deemed inappropriate. There are many problems with this approach. First, it addresses only web access, ignoring email, chat sessions, and similar communications. Second, the Internet is growing too rapidly to maintain an effective database of inappropriate sites. As soon as a new database update is released, it is already hopelessly out of date. Third, the size of the database must be proportional to the size of the Internet. Given the Internet's rapid and unlimited growth, no database approach can scale well enough to use in the long term. Fourth, the selection of appropriate versus inappropriate URLs is made by the manufacturer of the product. This reduces the manager's ability to tailor the database to reflect individual corporate needs.
Alternatively, a few products use lists of keywords rather than a URL database to monitor employee activity. These have the advantage of scaling well and enabling managers to customize web access rules that more accurately reflect corporate policy. However, most products use a simplistic implementation of keyword searching, resulting in nearly as many errors as with the URL database approach. For example, a legitimate medical site may be incorrectly identified as pornographic because of references to human genitalia.